Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package bmoor, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2020-7736 — CVSS 7.3 (high): The package bmoor before 0.8.12 are vulnerable to Prototype Pollution via the set function.
CVE-2021-23558 — CVSS 7.3 (high): The package bmoor before 0.10.1 are vulnerable to Prototype Pollution due to missing sanitization in set function. **Note:** This…